author | Yves-Alexis Perez <corsac@debian.org> | 2016-07-16 15:19:53 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2016-07-16 15:19:53 +0200 |
commit | bf372706c469764d59e9f29c39e3ecbebd72b8d2 (patch) | |
tree | 0f0e296e2d50e4a7faf99ae6fa428d2681e81ea1 /src/libcharon/plugins/ha | |
parent | 518dd33c94e041db0444c7d1f33da363bb8e3faf (diff) | |
Imported Upstream version 5.5.0
Diffstat (limited to 'src/libcharon/plugins/ha')
-rw-r--r-- | src/libcharon/plugins/ha/Makefile.in | 27 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_attribute.c | 12 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_cache.c | 4 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_child.c | 4 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_dispatcher.c | 20 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_ike.c | 6 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_kernel.c | 20 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_kernel.h | 2 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_message.c | 86 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_message.h | 44 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_segments.h | 2 | ||||
-rw-r--r-- | src/libcharon/plugins/ha/ha_tunnel.c | 28 |
12 files changed, 140 insertions, 115 deletions
diff --git a/src/libcharon/plugins/ha/Makefile.in b/src/libcharon/plugins/ha/Makefile.in index 677c36afe..420b8bdb7 100644 --- a/src/libcharon/plugins/ha/Makefile.in +++ b/src/libcharon/plugins/ha/Makefile.in @@ -1,7 +1,7 @@ -# Makefile.in generated by automake 1.14.1 from Makefile.am. +# Makefile.in generated by automake 1.15 from Makefile.am. # @configure_input@ -# Copyright (C) 1994-2013 Free Software Foundation, Inc. +# Copyright (C) 1994-2014 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -15,7 +15,17 @@ @SET_MAKE@ VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ @@ -79,8 +89,6 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = src/libcharon/plugins/ha -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/depcomp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ $(top_srcdir)/m4/config/ltoptions.m4 \ @@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = 
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ ALLOCA = @ALLOCA@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ +ATOMICLIB = @ATOMICLIB@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ @@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ @@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@ PYTHON = @PYTHON@ PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@ PYTHON_PLATFORM = @PYTHON_PLATFORM@ PYTHON_PREFIX = @PYTHON_PREFIX@ PYTHON_VERSION = @PYTHON_VERSION@ @@ -403,6 +416,7 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ +runstatedir = @runstatedir@ s_plugins = @s_plugins@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ @@ -472,7 +486,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/ha/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --gnu src/libcharon/plugins/ha/Makefile -.PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ @@ -796,6 +809,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ uninstall-am uninstall-pluginLTLIBRARIES +.PRECIOUS: Makefile + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. 
diff --git a/src/libcharon/plugins/ha/ha_attribute.c b/src/libcharon/plugins/ha/ha_attribute.c index 2b271a8e7..b20ef876a 100644 --- a/src/libcharon/plugins/ha/ha_attribute.c +++ b/src/libcharon/plugins/ha/ha_attribute.c @@ -83,7 +83,7 @@ static host_t* offset2host(pool_t *pool, int offset) { chunk_t addr; host_t *host; - u_int32_t *pos; + uint32_t *pos; if (offset > pool->size) { @@ -93,11 +93,11 @@ static host_t* offset2host(pool_t *pool, int offset) addr = chunk_clone(pool->base->get_address(pool->base)); if (pool->base->get_family(pool->base) == AF_INET6) { - pos = (u_int32_t*)(addr.ptr + 12); + pos = (uint32_t*)(addr.ptr + 12); } else { - pos = (u_int32_t*)addr.ptr; + pos = (uint32_t*)addr.ptr; } *pos = htonl(offset + ntohl(*pos)); host = host_create_from_chunk(pool->base->get_family(pool->base), addr, 0); @@ -111,7 +111,7 @@ static host_t* offset2host(pool_t *pool, int offset) static int host2offset(pool_t *pool, host_t *addr) { chunk_t host, base; - u_int32_t hosti, basei; + uint32_t hosti, basei; if (addr->get_family(addr) != pool->base->get_family(pool->base)) { @@ -129,8 +129,8 @@ static int host2offset(pool_t *pool, host_t *addr) host = chunk_skip(host, 12); base = chunk_skip(base, 12); } - hosti = ntohl(*(u_int32_t*)(host.ptr)); - basei = ntohl(*(u_int32_t*)(base.ptr)); + hosti = ntohl(*(uint32_t*)(host.ptr)); + basei = ntohl(*(uint32_t*)(base.ptr)); if (hosti > basei + pool->size) { return -1; diff --git a/src/libcharon/plugins/ha/ha_cache.c b/src/libcharon/plugins/ha/ha_cache.c index 0650f7fd9..8394eb722 100644 --- a/src/libcharon/plugins/ha/ha_cache.c +++ b/src/libcharon/plugins/ha/ha_cache.c @@ -186,11 +186,13 @@ METHOD(ha_cache_t, delete_, void, { entry_t *entry; + this->mutex->lock(this->mutex); entry = this->cache->remove(this->cache, ike_sa); if (entry) { entry_destroy(entry); } + this->mutex->unlock(this->mutex); } /** 
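Review bot: The lock added in `delete_` (ha_cache.c) covers both `this->cache->remove()` and `entry_destroy()`, but nothing at the site says what it serialises against. The hunk also does not show whether every other path that touches `this->cache` takes `this->mutex`; a lock held on only some paths would leave the same race open, possibly including use of an already destroyed entry. I would add `/* cache is shared between threads; unlink and destroy the entry under the mutex */` above the lock call and check the remaining accessors in ha_cache.c. The signature of `delete_` starts above the hunk.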
@@ -204,7 +206,7 @@ static status_t rekey_children(ike_sa_t *ike_sa) linked_list_t *children; struct { protocol_id_t protocol; - u_int32_t spi; + uint32_t spi; } *info; children = linked_list_create(); diff --git a/src/libcharon/plugins/ha/ha_child.c b/src/libcharon/plugins/ha/ha_child.c index 7dafb1693..8c9f66aa7 100644 --- a/src/libcharon/plugins/ha/ha_child.c +++ b/src/libcharon/plugins/ha/ha_child.c @@ -55,7 +55,7 @@ METHOD(listener_t, child_keys, bool, ha_message_t *m; chunk_t secret; proposal_t *proposal; - u_int16_t alg, len; + uint16_t alg, len; linked_list_t *local_ts, *remote_ts; enumerator_t *enumerator; traffic_selector_t *ts; @@ -69,7 +69,7 @@ METHOD(listener_t, child_keys, bool, m = ha_message_create(HA_CHILD_ADD); m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa)); - m->add_attribute(m, HA_INITIATOR, (u_int8_t)initiator); + m->add_attribute(m, HA_INITIATOR, (uint8_t)initiator); m->add_attribute(m, HA_INBOUND_SPI, child_sa->get_spi(child_sa, TRUE)); m->add_attribute(m, HA_OUTBOUND_SPI, child_sa->get_spi(child_sa, FALSE)); m->add_attribute(m, HA_INBOUND_CPI, child_sa->get_cpi(child_sa, TRUE)); diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index ce90f5bfe..ee66b8442 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -131,8 +131,8 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message enumerator_t *enumerator; ike_sa_t *ike_sa = NULL, *old_sa = NULL; ike_version_t version = IKEV2; - u_int16_t encr = 0, len = 0, integ = 0, prf = 0, old_prf = PRF_UNDEFINED; - u_int16_t dh_grp = 0; + uint16_t encr = 0, len = 0, integ = 0, prf = 0, old_prf = PRF_UNDEFINED; + uint16_t dh_grp = 0; chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty; chunk_t secret = chunk_empty, old_skd = chunk_empty; chunk_t dh_local = chunk_empty, dh_remote = chunk_empty, psk = chunk_empty; 
@@ -486,7 +486,7 @@ static void process_ike_mid(private_ha_dispatcher_t *this, ha_message_value_t value; enumerator_t *enumerator; ike_sa_t *ike_sa = NULL; - u_int32_t mid = 0; + uint32_t mid = 0; enumerator = message->create_attribute_enumerator(message); while (enumerator->enumerate(enumerator, &attribute, &value)) @@ -652,11 +652,11 @@ static void process_child_add(private_ha_dispatcher_t *this, child_sa_t *child_sa; proposal_t *proposal; bool initiator = FALSE, failed = FALSE, ok = FALSE; - u_int32_t inbound_spi = 0, outbound_spi = 0; - u_int16_t inbound_cpi = 0, outbound_cpi = 0; - u_int8_t mode = MODE_TUNNEL, ipcomp = 0; - u_int16_t encr = 0, integ = 0, len = 0, dh_grp = 0; - u_int16_t esn = NO_EXT_SEQ_NUMBERS; + uint32_t inbound_spi = 0, outbound_spi = 0; + uint16_t inbound_cpi = 0, outbound_cpi = 0; + uint8_t mode = MODE_TUNNEL, ipcomp = 0; + uint16_t encr = 0, integ = 0, len = 0, dh_grp = 0; + uint16_t esn = NO_EXT_SEQ_NUMBERS; u_int seg_i, seg_o; chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty, secret = chunk_empty; chunk_t encr_i, integ_i, encr_r, integ_r; @@ -777,7 +777,7 @@ static void process_child_add(private_ha_dispatcher_t *this, if (ike_sa->get_version(ike_sa) == IKEV1) { keymat_v1_t *keymat_v1 = (keymat_v1_t*)ike_sa->get_keymat(ike_sa); - u_int32_t spi_i, spi_r; + uint32_t spi_i, spi_r; spi_i = initiator ? inbound_spi : outbound_spi; spi_r = initiator ? outbound_spi : inbound_spi; @@ -889,7 +889,7 @@ static void process_child_delete(private_ha_dispatcher_t *this, enumerator_t *enumerator; ike_sa_t *ike_sa = NULL; child_sa_t *child_sa; - u_int32_t spi = 0; + uint32_t spi = 0; enumerator = message->create_attribute_enumerator(message); while (enumerator->enumerate(enumerator, &attribute, &value)) diff --git a/src/libcharon/plugins/ha/ha_ike.c b/src/libcharon/plugins/ha/ha_ike.c index 3ffcaee6b..992ccb06c 100644 --- a/src/libcharon/plugins/ha/ha_ike.c +++ b/src/libcharon/plugins/ha/ha_ike.c 
@@ -78,7 +78,7 @@ METHOD(listener_t, ike_keys, bool, ha_message_t *m; chunk_t secret; proposal_t *proposal; - u_int16_t alg, len; + uint16_t alg, len; if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa)) { /* do not sync SA between nodes */ @@ -168,7 +168,7 @@ METHOD(listener_t, ike_updown, bool, { enumerator_t *enumerator; peer_cfg_t *peer_cfg; - u_int32_t extension, condition; + uint32_t extension, condition; host_t *addr; ike_sa_id_t *id; identification_t *eap_id; @@ -349,7 +349,7 @@ METHOD(listener_t, message_hook, bool, ha_message_t *m; notify_payload_t *notify; chunk_t data; - u_int32_t seq; + uint32_t seq; notify = message->get_notify(message, DPD_R_U_THERE); if (notify) diff --git a/src/libcharon/plugins/ha/ha_kernel.c b/src/libcharon/plugins/ha/ha_kernel.c index bd43dc351..061741eb7 100644 --- a/src/libcharon/plugins/ha/ha_kernel.c +++ b/src/libcharon/plugins/ha/ha_kernel.c @@ -15,8 +15,8 @@ #include "ha_kernel.h" -typedef u_int32_t u32; -typedef u_int8_t u8; +typedef uint32_t u32; +typedef uint8_t u8; #include <sys/utsname.h> #include <string.h> @@ -115,9 +115,9 @@ static jhash_version_t get_jhash_version() /** * jhash algorithm of two words, as used in kernel (using 0 as initval) */ -static u_int32_t jhash(jhash_version_t version, u_int32_t a, u_int32_t b) +static uint32_t jhash(jhash_version_t version, uint32_t a, uint32_t b) { - u_int32_t c = 0; + uint32_t c = 0; switch (version) { @@ -162,7 +162,7 @@ static u_int32_t jhash(jhash_version_t version, u_int32_t a, u_int32_t b) /** * Segmentate a calculated hash */ -static u_int hash2segment(private_ha_kernel_t *this, u_int64_t hash) +static u_int hash2segment(private_ha_kernel_t *this, uint64_t hash) { return ((hash * this->count) >> 32) + 1; } 
@@ -170,11 +170,11 @@ static u_int hash2segment(private_ha_kernel_t *this, u_int64_t hash) /** * Get a host as an integer for hashing */ -static u_int32_t host2int(host_t *host) +static uint32_t host2int(host_t *host) { if (host->get_family(host) == AF_INET) { - return *(u_int32_t*)host->get_address(host).ptr; + return *(uint32_t*)host->get_address(host).ptr; } return 0; } @@ -183,7 +183,7 @@ METHOD(ha_kernel_t, get_segment, u_int, private_ha_kernel_t *this, host_t *host) { unsigned long hash; - u_int32_t addr; + uint32_t addr; addr = host2int(host); hash = jhash(this->version, ntohl(addr), 0); @@ -192,10 +192,10 @@ METHOD(ha_kernel_t, get_segment, u_int, } METHOD(ha_kernel_t, get_segment_spi, u_int, - private_ha_kernel_t *this, host_t *host, u_int32_t spi) + private_ha_kernel_t *this, host_t *host, uint32_t spi) { unsigned long hash; - u_int32_t addr; + uint32_t addr; addr = host2int(host); hash = jhash(this->version, ntohl(addr), ntohl(spi)); diff --git a/src/libcharon/plugins/ha/ha_kernel.h b/src/libcharon/plugins/ha/ha_kernel.h index 7b56f1e3a..bd0a3825b 100644 --- a/src/libcharon/plugins/ha/ha_kernel.h +++ b/src/libcharon/plugins/ha/ha_kernel.h @@ -45,7 +45,7 @@ struct ha_kernel_t { * @param spi SPI to include in hash * @return segment number */ - u_int (*get_segment_spi)(ha_kernel_t *this, host_t *host, u_int32_t spi); + u_int (*get_segment_spi)(ha_kernel_t *this, host_t *host, uint32_t spi); /** * Get the segment an arbitrary integer is in. diff --git a/src/libcharon/plugins/ha/ha_message.c b/src/libcharon/plugins/ha/ha_message.c index b40219ce1..42dfaf0e2 100644 --- a/src/libcharon/plugins/ha/ha_message.c +++ b/src/libcharon/plugins/ha/ha_message.c 
@@ -67,10 +67,10 @@ typedef struct ike_sa_id_encoding_t ike_sa_id_encoding_t; * Encoding if an ike_sa_id_t */ struct ike_sa_id_encoding_t { - u_int8_t ike_version; - u_int64_t initiator_spi; - u_int64_t responder_spi; - u_int8_t initiator; + uint8_t ike_version; + uint64_t initiator_spi; + uint64_t responder_spi; + uint8_t initiator; } __attribute__((packed)); typedef struct identification_encoding_t identification_encoding_t; @@ -79,8 +79,8 @@ typedef struct identification_encoding_t identification_encoding_t; * Encoding of a identification_t */ struct identification_encoding_t { - u_int8_t type; - u_int8_t len; + uint8_t type; + uint8_t len; char encoding[]; } __attribute__((packed)); @@ -90,8 +90,8 @@ typedef struct host_encoding_t host_encoding_t; * encoding of a host_t */ struct host_encoding_t { - u_int16_t port; - u_int8_t family; + uint16_t port; + uint8_t family; char encoding[]; } __attribute__((packed)); @@ -101,11 +101,11 @@ typedef struct ts_encoding_t ts_encoding_t; * encoding of a traffic_selector_t */ struct ts_encoding_t { - u_int8_t type; - u_int8_t protocol; - u_int16_t from_port; - u_int16_t to_port; - u_int8_t dynamic; + uint8_t type; + uint8_t protocol; + uint16_t from_port; + uint16_t to_port; + uint8_t dynamic; char encoding[]; } __attribute__((packed)); @@ -139,9 +139,9 @@ METHOD(ha_message_t, add_attribute, void, size_t len; va_list args; - check_buf(this, sizeof(u_int8_t)); + check_buf(this, sizeof(uint8_t)); this->buf.ptr[this->buf.len] = attribute; - this->buf.len += sizeof(u_int8_t); + this->buf.len += sizeof(uint8_t); va_start(args, attribute); switch (attribute) @@ -215,13 +215,13 @@ METHOD(ha_message_t, add_attribute, void, this->buf.len += len; break; } - /* u_int8_t */ + /* uint8_t */ case HA_IKE_VERSION: case HA_INITIATOR: case HA_IPSEC_MODE: case HA_IPCOMP: { - u_int8_t val; + uint8_t val; val = va_arg(args, u_int); check_buf(this, sizeof(val)); 
@@ -229,7 +229,7 @@ METHOD(ha_message_t, add_attribute, void, this->buf.len += sizeof(val); break; } - /* u_int16_t */ + /* uint16_t */ case HA_ALG_DH: case HA_ALG_PRF: case HA_ALG_OLD_PRF: @@ -241,26 +241,26 @@ METHOD(ha_message_t, add_attribute, void, case HA_SEGMENT: case HA_ESN: { - u_int16_t val; + uint16_t val; val = va_arg(args, u_int); check_buf(this, sizeof(val)); - *(u_int16_t*)(this->buf.ptr + this->buf.len) = htons(val); + *(uint16_t*)(this->buf.ptr + this->buf.len) = htons(val); this->buf.len += sizeof(val); break; } - /** u_int32_t */ + /** uint32_t */ case HA_CONDITIONS: case HA_EXTENSIONS: case HA_INBOUND_SPI: case HA_OUTBOUND_SPI: case HA_MID: { - u_int32_t val; + uint32_t val; val = va_arg(args, u_int); check_buf(this, sizeof(val)); - *(u_int32_t*)(this->buf.ptr + this->buf.len) = htonl(val); + *(uint32_t*)(this->buf.ptr + this->buf.len) = htonl(val); this->buf.len += sizeof(val); break; } @@ -277,11 +277,11 @@ METHOD(ha_message_t, add_attribute, void, chunk_t chunk; chunk = va_arg(args, chunk_t); - check_buf(this, chunk.len + sizeof(u_int16_t)); - *(u_int16_t*)(this->buf.ptr + this->buf.len) = htons(chunk.len); - memcpy(this->buf.ptr + this->buf.len + sizeof(u_int16_t), + check_buf(this, chunk.len + sizeof(uint16_t)); + *(uint16_t*)(this->buf.ptr + this->buf.len) = htons(chunk.len); + memcpy(this->buf.ptr + this->buf.len + sizeof(uint16_t), chunk.ptr, chunk.len); - this->buf.len += chunk.len + sizeof(u_int16_t);; + this->buf.len += chunk.len + sizeof(uint16_t);; break; } /** traffic_selector_t */ @@ -309,7 +309,7 @@ METHOD(ha_message_t, add_attribute, void, default: { DBG1(DBG_CFG, "unable to encode, attribute %d unknown", attribute); - this->buf.len -= sizeof(u_int8_t); + this->buf.len -= sizeof(uint8_t); break; } } 
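Review bot: The stores `*(uint16_t*)(this->buf.ptr + this->buf.len) = htons(val);` and the `uint32_t` equivalent write through a cast pointer at an offset that follows a one-byte attribute id, so the address is not guaranteed to be 2- or 4-byte aligned. That is undefined behaviour and can fault on strict-alignment targets. Copying the converted value avoids the cast: `val = htons(val); memcpy(this->buf.ptr + this->buf.len, &val, sizeof(val));`. The same pattern is used for the chunk length prefix in the next hunk and for the reads in `attribute_enumerate` (`ntohs(*(uint16_t*)this->buf.ptr)`, `ntohl(*(uint32_t*)this->buf.ptr)`), which presumably parse a message received from the peer node. `add_attribute` begins and ends outside this hunk.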
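Review bot: In the `chunk_t` case the length prefix is written as `htons(chunk.len)` while `memcpy` copies the full `chunk.len` bytes, so a chunk longer than 65535 bytes would be encoded with a truncated length and the receiving parser would lose framing for every attribute after it. A guard before `check_buf` on `chunk.len > UINT16_MAX` would make the limit explicit: log with `DBG1`, undo the attribute byte with `this->buf.len -= sizeof(uint8_t);` as the `default:` branch does, then break. The doubled `;;` at the end of the `this->buf.len +=` line can go at the same time. The chunks passed today may always be short; that cannot be confirmed from this hunk.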
@@ -435,22 +435,22 @@ METHOD(enumerator_t, attribute_enumerate, bool, this->buf = chunk_skip(this->buf, len + 1); return TRUE; } - /* u_int8_t */ + /* uint8_t */ case HA_IKE_VERSION: case HA_INITIATOR: case HA_IPSEC_MODE: case HA_IPCOMP: { - if (this->buf.len < sizeof(u_int8_t)) + if (this->buf.len < sizeof(uint8_t)) { return FALSE; } - value->u8 = *(u_int8_t*)this->buf.ptr; + value->u8 = *(uint8_t*)this->buf.ptr; *attr_out = attr; - this->buf = chunk_skip(this->buf, sizeof(u_int8_t)); + this->buf = chunk_skip(this->buf, sizeof(uint8_t)); return TRUE; } - /** u_int16_t */ + /** uint16_t */ case HA_ALG_DH: case HA_ALG_PRF: case HA_ALG_OLD_PRF: @@ -462,29 +462,29 @@ METHOD(enumerator_t, attribute_enumerate, bool, case HA_SEGMENT: case HA_ESN: { - if (this->buf.len < sizeof(u_int16_t)) + if (this->buf.len < sizeof(uint16_t)) { return FALSE; } - value->u16 = ntohs(*(u_int16_t*)this->buf.ptr); + value->u16 = ntohs(*(uint16_t*)this->buf.ptr); *attr_out = attr; - this->buf = chunk_skip(this->buf, sizeof(u_int16_t)); + this->buf = chunk_skip(this->buf, sizeof(uint16_t)); return TRUE; } - /** u_int32_t */ + /** uint32_t */ case HA_CONDITIONS: case HA_EXTENSIONS: case HA_INBOUND_SPI: case HA_OUTBOUND_SPI: case HA_MID: { - if (this->buf.len < sizeof(u_int32_t)) + if (this->buf.len < sizeof(uint32_t)) { return FALSE; } - value->u32 = ntohl(*(u_int32_t*)this->buf.ptr); + value->u32 = ntohl(*(uint32_t*)this->buf.ptr); *attr_out = attr; - this->buf = chunk_skip(this->buf, sizeof(u_int32_t)); + this->buf = chunk_skip(this->buf, sizeof(uint32_t)); return TRUE; } /** chunk_t */ 
@@ -499,12 +499,12 @@ METHOD(enumerator_t, attribute_enumerate, bool, { size_t len; - if (this->buf.len < sizeof(u_int16_t)) + if (this->buf.len < sizeof(uint16_t)) { return FALSE; } - len = ntohs(*(u_int16_t*)this->buf.ptr); - this->buf = chunk_skip(this->buf, sizeof(u_int16_t)); + len = ntohs(*(uint16_t*)this->buf.ptr); + this->buf = chunk_skip(this->buf, sizeof(uint16_t)); if (this->buf.len < len) { return FALSE; diff --git a/src/libcharon/plugins/ha/ha_message.h b/src/libcharon/plugins/ha/ha_message.h index fe1786edf..630c8af8f 100644 --- a/src/libcharon/plugins/ha/ha_message.h +++ b/src/libcharon/plugins/ha/ha_message.h @@ -92,9 +92,9 @@ enum ha_message_attribute_t { HA_REMOTE_ADDR, /** char*, name of configuration */ HA_CONFIG_NAME, - /** u_int32_t, bitset of ike_condition_t */ + /** uint32_t, bitset of ike_condition_t */ HA_CONDITIONS, - /** u_int32_t, bitset of ike_extension_t */ + /** uint32_t, bitset of ike_extension_t */ HA_EXTENSIONS, /** host_t*, local virtual IP */ HA_LOCAL_VIP, @@ -102,7 +102,7 @@ enum ha_message_attribute_t { HA_REMOTE_VIP, /** host_t*, known peer addresses (used for MOBIKE) */ HA_PEER_ADDR, - /** u_int8_t, initiator of an exchange, TRUE for local */ + /** uint8_t, initiator of an exchange, TRUE for local */ HA_INITIATOR, /** chunk_t, initiators nonce */ HA_NONCE_I, 
@@ -112,41 +112,41 @@ enum ha_message_attribute_t { HA_SECRET, /** chunk_t, SKd of old SA if rekeying */ HA_OLD_SKD, - /** u_int16_t, pseudo random function */ + /** uint16_t, pseudo random function */ HA_ALG_PRF, - /** u_int16_t, old pseudo random function if rekeying */ + /** uint16_t, old pseudo random function if rekeying */ HA_ALG_OLD_PRF, - /** u_int16_t, encryption algorithm */ + /** uint16_t, encryption algorithm */ HA_ALG_ENCR, - /** u_int16_t, encryption key size in bytes */ + /** uint16_t, encryption key size in bytes */ HA_ALG_ENCR_LEN, - /** u_int16_t, integrity protection algorithm */ + /** uint16_t, integrity protection algorithm */ HA_ALG_INTEG, - /** u_int16_t, DH group */ + /** uint16_t, DH group */ HA_ALG_DH, - /** u_int8_t, IPsec mode, TUNNEL|TRANSPORT|... */ + /** uint8_t, IPsec mode, TUNNEL|TRANSPORT|... */ HA_IPSEC_MODE, - /** u_int8_t, IPComp protocol */ + /** uint8_t, IPComp protocol */ HA_IPCOMP, - /** u_int32_t, inbound security parameter index */ + /** uint32_t, inbound security parameter index */ HA_INBOUND_SPI, - /** u_int32_t, outbound security parameter index */ + /** uint32_t, outbound security parameter index */ HA_OUTBOUND_SPI, - /** u_int16_t, inbound security parameter index */ + /** uint16_t, inbound security parameter index */ HA_INBOUND_CPI, - /** u_int16_t, outbound security parameter index */ + /** uint16_t, outbound security parameter index */ HA_OUTBOUND_CPI, /** traffic_selector_t*, local traffic selector */ HA_LOCAL_TS, /** traffic_selector_t*, remote traffic selector */ HA_REMOTE_TS, - /** u_int32_t, message ID */ + /** uint32_t, message ID */ HA_MID, - /** u_int16_t, HA segment */ + /** uint16_t, HA segment */ HA_SEGMENT, - /** u_int16_t, Extended Sequence numbers */ + /** uint16_t, Extended Sequence numbers */ HA_ESN, - /** u_int8_t, IKE version */ + /** uint8_t, IKE version */ HA_IKE_VERSION, /** chunk_t, own DH public value */ HA_LOCAL_DH, 
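Review bot: The comments on `HA_INBOUND_CPI` and `HA_OUTBOUND_CPI` still read "security parameter index", which describes the SPI attributes directly above them; a CPI is the IPComp compression parameter index. Suggested wording: `/** uint16_t, inbound IPComp compression parameter index (CPI) */` and the matching outbound line. The enum starts and ends outside this hunk.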
@@ -162,9 +162,9 @@ enum ha_message_attribute_t { * Union to enumerate typed attributes in a message */ union ha_message_value_t { - u_int8_t u8; - u_int16_t u16; - u_int32_t u32; + uint8_t u8; + uint16_t u16; + uint32_t u32; char *str; chunk_t chunk; ike_sa_id_t *ike_sa_id; diff --git a/src/libcharon/plugins/ha/ha_segments.h b/src/libcharon/plugins/ha/ha_segments.h index 76da38082..31d47e371 100644 --- a/src/libcharon/plugins/ha/ha_segments.h +++ b/src/libcharon/plugins/ha/ha_segments.h @@ -25,7 +25,7 @@ typedef struct ha_segments_t ha_segments_t; -typedef u_int16_t segment_mask_t; +typedef uint16_t segment_mask_t; /** * maximum number of segments diff --git a/src/libcharon/plugins/ha/ha_tunnel.c b/src/libcharon/plugins/ha/ha_tunnel.c index dd2399366..a0e514614 100644 --- a/src/libcharon/plugins/ha/ha_tunnel.c +++ b/src/libcharon/plugins/ha/ha_tunnel.c @@ -79,7 +79,7 @@ struct private_ha_tunnel_t { /** * Reqid of installed trap */ - u_int32_t trap; + uint32_t trap; /** * backend for HA SA @@ -183,10 +183,22 @@ static void setup_tunnel(private_ha_tunnel_t *this, auth_cfg_t *auth_cfg; child_cfg_t *child_cfg; traffic_selector_t *ts; - lifetime_cfg_t lifetime = { - .time = { - .life = 21600, .rekey = 20400, .jitter = 400, + peer_cfg_create_t peer = { + .cert_policy = CERT_NEVER_SEND, + .unique = UNIQUE_KEEP, + .rekey_time = 86400, /* 24h */ + .jitter_time = 7200, /* 2h */ + .over_time = 3600, /* 1h */ + .no_mobike = TRUE, + .dpd = 30, + }; + child_cfg_create_t child = { + .lifetime = { + .time = { + .life = 21600, .rekey = 20400, .jitter = 400, + }, }, + .mode = MODE_TRANSPORT, }; /* setup credentials */ 
@@ -208,9 +220,7 @@ static void setup_tunnel(private_ha_tunnel_t *this, remote, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE)); - peer_cfg = peer_cfg_create("ha", ike_cfg, CERT_NEVER_SEND, - UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, FALSE, - TRUE, 30, 0, FALSE, NULL, NULL); + peer_cfg = peer_cfg_create("ha", ike_cfg, &peer); auth_cfg = auth_cfg_create(); auth_cfg->add(auth_cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK); @@ -224,9 +234,7 @@ static void setup_tunnel(private_ha_tunnel_t *this, identification_create_from_string(remote)); peer_cfg->add_auth_cfg(peer_cfg, auth_cfg, FALSE); - child_cfg = child_cfg_create("ha", &lifetime, NULL, TRUE, MODE_TRANSPORT, - ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE, - 0, 0, NULL, NULL, 0); + child_cfg = child_cfg_create("ha", &child); ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_PORT, HA_PORT); child_cfg->add_traffic_selector(child_cfg, TRUE, ts); ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535); |
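Review bot: The removed `child_cfg_create()` call passed an explicit `TRUE` after the `NULL` updown argument and three `ACTION_NONE` values, while the new `child_cfg_create_t child` initializer (in the earlier `setup_tunnel` hunk) sets only `.lifetime` and `.mode`, so every other field is now an implicit zero. Please confirm against the `child_cfg_create_t` definition that the former `TRUE` flag is either obsolete or meant to be off, and that zero is the same as `ACTION_NONE`; neither is visible here. The `peer` initializer likewise drops the positional `0` values and the `TRUE` that preceded `30`. Since this tunnel protects the HA sync channel, which carries attributes such as `HA_SECRET`, a short comment above each initializer naming the defaults being relied on would keep the policy reviewable, e.g. `/* remaining fields intentionally left at zero defaults */`. `setup_tunnel` continues outside these hunks.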